We're on location at Microsoft Build 2018 talking with Julia White, Corporate Vice President at Microsoft — a 17 year Microsoft veteran. We talked with Julia about her take on this “new Microsoft”, Satya Nadella's first appearance as CEO when they revealed the first glimpse of Microsoft’s cloud offering which started with Office, the beginnings of Microsoft Azure, Azure as the world’s computer, and how every company is becoming a software company.

Jessie Frazelle: There seems to be some confusion around sandboxing containers as of late, mostly because of the recent launch of gvisor... There is a large amount of ignorance towards the existing defaults to make containers secure. Which is crazy since I have written many blog posts on it and given many talks on the subject. Jessie has been doing the yeoman's work of Linux kernel isolation and making containers secure for awhile now, but much of that work has been overlooked or disregarded by others in the community. I'm on the outside looking in at this situation, so it's tough to call exactly what's going on, but according to Jessie: When you work at a large organization you are surrounded by an echo chamber. So if everyone in the org is saying “containers are not secure,” you are bound to believe it and not research actual facts. That doesn't mean Jessie thinks containers are secure (click through to read her take on that). There's a lot to dig in to here and think about. I'll pull out one last point: I am not trying to throw shade at gvisor but merely clear up some FUD in the world of open source marketing. I truly believe that people choosing projects to use should research into them and not just choose something shiny that came out of Big Corp. Now that's a sentiment I can get behind! Oh, and listen to this related episode of The Changelog if you haven't yet. It's a must-listen for all developers.

If you've been looking for a fun, interactive, deep-dive into Bézier curves, this blog post from Josh Comeau is for you. Also, this is Josh's first post to his new blog, which is also open source on GitHub — so the following is a nice intro for what to expect. The whole reason I started this blog was that I wanted a way to build dynamic, interactive articles that are more effective at sharing and teaching concepts. Unlike with plain text on Medium, this blog is a fully-powered React app, and so I can create and embed interactive elements that help the reader build an intuitive understanding of the subject being presented. These dynamic "flattenable" Bézier curves are a perfect subject for this format, as they have underlying complexity that would be difficult to explain with words alone. And here's what to expect from this post on Bézier curves. In this maiden blog post, we'll go through the basics of working with Bézier curves and SVG in React.js. We'll learn how to build dynamic curves that respond to user input.

Dimitri Fontaine, a PostgreSQL major contributor, has written an awesome blog series on PostgreSQL data types to show how to benefit from the PostgreSQL concept of a data type. The PostgreSQL concept of a data type is more than input validation, a PostgreSQL data type also implements expected behaviors and processing functions. This allows an application developer to rely on PostgreSQL for more complex queries, having the processing happen where the data is — for instance when implementing advanced JOIN operations, then retrieving only the data set that is interesting for the application. The posts in this series were extracted from his book Mastering PostgreSQL in Application Development — which teaches SQL to developers so they can replace thousands of lines of code with very simple queries.

Our friends at GoCD are hosting a free webinar covering a practical guide in designing a Docker based CD pipeline on modern container infrastructure - Kubernetes. Sheroy Marker and Ken Mugrage will analyze: Continuous Delivery to Kubernetes Docker based build workflows An example of an end-to-end CD pipeline

This is a lot like Ruby on Rails (even with ActiveSupport &amp; ActiveRecord built-in), but instead of views you have replies. It works for both voice-based and text-based bots and has NLP offerings baked in too. 🍰 The only bummer is that service integrations are currently limited to Facebook Messenger and Twilio SMS. That's pretty normal for a new open source offering, though, and it's a great place to hop in and contribute. ✊

Netflix open sourced their cloud gateway: The Cloud Gateway team at Netflix runs and operates more than 80 clusters of Zuul 2, sending traffic to about 100 (and growing) backend service clusters which amounts to more than 1 million requests per second. Pretty impressive. Click through to get the details of how Zuul 2 works and how they use it inside Netflix. I love when companies who are operating at webscale (😏) share their practices and code with the rest of us.

Eric Holthaus writes for Grist: Bitcoin’s energy footprint has more than doubled since Grist first wrote about it six months ago. It’s expected to double again by the end of the year... And if that happens, Bitcoin would be gobbling up 0.5 percent of the world’s electricity, about as much as the Netherlands. I can't be the only one paying attention to Bitcoin's rise in energy usage... That’s a troubling trajectory, especially for a world that should be working overtime to root out energy waste and fight climate change. By late next year, Bitcoin could be consuming more electricity than all the world’s solar panels currently produce — about 1.8 percent of global electricity... That would effectively erase decades of progress on renewable energy.

mostly's purpose is to serve as a lightweight, easy-to-comprehend starting point, with a focus on providing a great developer experience while helping you get high quality and maintainable web applications deployed rapidly. It uses Express for the server and React for the client. Worth a look if you're starting up a new web project. I dig this point about it: Nothing is hidden, nothing is magical, and all of the "plumbing" is accessible and simple.

Our friends at Rollbar are helping the developer community learn the insights necessary not just to identify and respond to problems after their app has been deployed, but to also trace issues to their source and fix things so those problems do not recur. Check out this free guide to modern observability. In this guide, we’ll explore: Modern observability challenges and why monitoring falls short Overview of tools and techniques to help you achieve observability How to implement best practices in your systems and development process

a collection of working, practical examples of using service workers in modern web sites. From caching strategies, to web push, to going offline and optimizing performance; this cookbook is chocked full of great recipes. There's also a comments section at the bottom of each recipe where people are answer the question, "Has it been useful?" Now that's useful!

Ives van Hoorne is the creator of Codesandbox; an online code editor written completely in React. Although Codesandbox is written in React, it can be used to build applications for any front-end framework.

Efail caused a panic at the disco: ... some researchers in Europe published a paper with the bombshell title “Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels.” There were a lot of researchers on that team but in the hours after release Sebastian Schinzel took the point on Twitter for the group. Oh, my, did the email crypto world blow up. The following are some thoughts that have benefited from a few days for things to settle. Lots of interesting insights here, perhaps most controversially how the EFF's handling of the situation may have done more harm than good in the author's opinion. Also: we could stand to have a renewed appreciation for OpenPGP’s importance to not just email crypto, but the global economy. I can say I definitely have more appreciation for it after reading this than I did before. I hadn't thought about its influence (which is huge) outside of encrypted email.

Want developers of great software to be able to make a living doing it? Want free trials in the App Store? Join The Developers Union! Dear Apple, We believe that people who create great software should be able to make a living doing it. So we created The Developers Union to advocate for sustainability in the App Store. Today, we are asking Apple to publicly commit — by the tenth anniversary of the App Store this July — to allowing free trials for all apps in the App Stores before July 2019. After that, we'll start advocating for a more reasonable revenue cut and other community-driven, developer-friendly changes.

A small utility to convert Unix lsof output to a graph showing FIFO and UNIX interprocess communication. This is written in Lua, but there are also Python and Perl ports because according to the author, "It seems that Lua was an unfortunate choice, since people keep sending me links to ports in other languages." Ouch. What's with all the Lua hate?

If you've heard of serverless' virtues, but have never taken that first step toward trying it out, this crash course is for you. Here's how you might feel by the end: What a journey. You have now witnessed the transition from traditional web development into the serverless revolution. With these simple tools we now have everything we need to create awesome, scalable, and reliable applications. In my humble opinion, this is all still too much work for most of us to go through. AWS needs some serious competition in this space. Said competition is undoubtedly on the way.

What is latency? And how exactly do you debug it? Jaana writes on the Observability+ blog: In the recent decade, our systems got complex. Our average production environments consist of many different services (many microservices, storage systems and more) with different deployment and production-maintenance cycles. Measuring latency and being able to react to latency issues are getting equally complex as our systems got more complex. This article will help you how to navigate yourself at a latency problem and what you need to put in place to effectively do so.

The Phusion team open sourced their customer support product –Support Central– which pulls in support requests from different channels, including GitHub Issues. GitHub tagging through Support Central allows our bootstrapped team to get a quick overview of which tickets are potentially blocked, rather than us periodically scrolling through the list and re-reading all the tickets. Perhaps your team will find it as useful as they do.

Our podcasts

No matter where you are on your hacker path, we have a podcast for you. This community cares about the past, present, and future hacker generation. We're about lifting people up, not putting people down.